Hello,
I have some containers in docker,
I user them in the LAN like this :
In adguard i create a redirect to docker server :
hsca.l.mydomain.ovh -> 192.168.50.118
da.l.mydomain.ovh -> 192.168.50.118
Then in config.yaml :
http:
#REGION : routers
routers:
# dashy
da:
entryPoints:
- "https"
rule: "Host(`da.l.mydomain.ovh`)"
middlewares:
- default-headers
- https-redirectscheme
tls: {}
service: da
# headscale admin
hsca:
entryPoints:
- "https"
rule: "Host(`hsca.l.mydomain.ovh`)"
middlewares:
- default-headers
- https-redirectscheme
tls: {}
#endREGION : routers
#REGION : services
services:
# dashy
da:
loadBalancer:
servers:
- url: "http://192.168.50.118:12346/"
passHostHeader: true
# headscale admin
hsca:
loadBalancer:
servers:
- url: "http://hsca:80"
passHostHeader: true
#endREGION : - services
middlewares:
https-redirectscheme:
redirectScheme:
scheme: https
permanent: true
default-headers:
headers:
frameDeny: true
browserXssFilter: true
contentTypeNosniff: true
referrerPolicy: "no-referrer"
forceSTSHeader: true
stsIncludeSubdomains: true
stsPreload: true
stsSeconds: 15552000
customFrameOptionsValue: SAMEORIGIN
customRequestHeaders:
X-Forwarded-Proto: https
default-whitelist:
ipWhiteList:
sourceRange:
- "10.0.0.0/8"
- "192.168.50.0/16" # lan
- "192.168.10.0/16" # web - docker
- "192.168.60.0/16" # proxy - docker
- "172.16.0.0/12"
secured:
chain:
middlewares:
- default-whitelist
- default-headers
searxng-headers:
headers:
customResponseHeaders:
X-Robots-Tag: "noindex, noarchive, nofollow"
Permissions-Policy: "accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),encrypted-media=(),focus-without-user-activation=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),speaker=(),sync-xhr=(),usb=(),vr=()"
Traefik docker-compose :
version: '3'
services:
srv_traefik:
container_name: ${C_TFK}
image: ${C_TFK_IMG}
restart: ${C_ALL_RESTART}
hostname: ${C_TFK_HOST}
security_opt:
- no-new-privileges:true
ports:
- 80:80
- 443:443
environment:
- CF_API_EMAIL=${CF_EMAIL}
- CF_API_KEY=${CF_API_KEY}
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ${REP_APPDATA}/${C_TFK}/data/traefik.yml:/traefik.yml:ro
- ${REP_APPDATA}/${C_TFK}/data/acme.json:/acme.json
- ${REP_APPDATA}/${C_TFK}/data/config.yml:/config.yml:ro
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik.entrypoints=http"
- "traefik.http.routers.traefik.rule=Host(`tf.${DOML}`)"
- "traefik.http.routers.traefik-s.tls.domains[0].main=${DOML}"
- "traefik.http.routers.traefik-s.tls.domains[0].sans=*.${DOML}"
#- "traefik.http.routers.traefik-s.tls.domains[1].main=${DOM}"
#- "traefik.http.routers.traefik-s.tls.domains[1].sans=*.${DOM}"
- "traefik.http.routers.traefik-s.rule=Host(`tf.${DOML}`)"
- "traefik.http.middlewares.traefik-auth.basicauth.users=doge:somesecretkey"
- "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
- "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
- "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
- "traefik.http.routers.traefik-s.entrypoints=https"
- "traefik.http.routers.traefik-s.middlewares=traefik-auth"
- "traefik.http.routers.traefik-s.tls=true"
- "traefik.http.routers.traefik-s.tls.certresolver=cloudflare"
- "traefik.http.routers.traefik-s.service=api@internal"
- "traefik.http.services.tfk.loadbalancer.server.port=80" # service=tfk
networks:
- default
networks:
default:
external:
name: $NET_TFK
.env file :
DOML=l.mydomain.ovh
DOM=mydomain.ovh
My home router redirects 80 and 443 to docker server IP so this would lead to traefik.
A can access this in the LAN :
hsca.l.mydomain.ovh
da.l.mydomain.ovh
But how to access this adresses on the WEB ? :
hsca.mydomain.ovh
da.mydomain.ovh
Help please,
Best regards 